@jseiser
Created September 27, 2022 15:32
Secrets
```
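# SOPS creation rules (normally kept in .sops.yaml); `stuff` is the author's placeholder for the age recipient
creation_rules:
  # For matching YAML files, encrypt only the data/stringData fields
  - path_regex: .*.yaml
    encrypted_regex: ^(data|stringData)$
    age: >-
      stuff
  # No encrypted_regex here, so every value in the file is encrypted
  - filename_regex: values.encrypted$
    age: >-
      stuff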
```
`sops -e --input-type=yaml --output-type=yaml infrastructure/kube-prometheus-stack/prom-stack-values > values.encrypted`
```
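# kustomizeconfig.yaml: lets Kustomize rewrite the Secret name referenced in
# HelmRelease spec.valuesFrom to the hash-suffixed name from secretGenerator
nameReference:
  - kind: Secret
    version: v1
    fieldSpecs:
      - path: spec/valuesFrom/name
        kind: HelmRelease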
```
```
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
  name: kube-prometheus-stack
  namespace: monitoring
spec:
  chart:
    spec:
      chart: kube-prometheus-stack
      sourceRef:
        kind: HelmRepository
        name: prometheus
        namespace: flux-system
      version: "40.1.x"
  interval: 1h0m0s
  install:
    remediation:
      retries: 3
  # Helm values are read from the generated Secret instead of inline values
  valuesFrom:
    - kind: Secret
      name: values-secret
```
```
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: monitoring
resources:
  - namespace.yaml
  - grafana-auth.yaml
  - okta-oidc-secret.yaml
  - release.yaml
# Wraps the SOPS-encrypted values file in a Secret under the key values.yaml
secretGenerator:
  - name: values-secret
    files:
      - values.yaml=values.encrypted
configurations:
  - kustomizeconfig.yaml
```